[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Alternative nSelectors patch (Was: bzip2 1.0.7 released)


> Attached is the patch with a commit message that hopefully explains why
> the change is correct (and why the CVE, although a source code bug,
> wasn't really exploitable in the first place). Hope it makes sense.

So the https://sourceware.org/git/bzip2-tests.git was integrated into
the buildbot and it turned RED. As expected, since without this fix it
fails with:
 - ./lbzip2/32767.bz2 bad decompress result

So I have now pushed the patch and hopefully that turns the buildbot
green: https://builder.wildebeest.org/buildbot/#/builders?tags=bzip2